Hacker Fest: 2019

  • Name: Hacker Fest: 2019
  • Date release: 7 Oct 2019

Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for "protecting yourself and your network. If you understand the risks, please download!


(Size: 569 MB)


(Size: 471 MB)

The machine was part of my workshop for Hacker Fest 2019 at Prague.

Difficulty level of this VM is very “very easy”. There are two paths for exploit it.

  • There are no intentional rabbit holes.
  • Through a vulnerable "[retracted]". Exploit is part of MSF.
  • Through vulnerable "[retracted]".
    • Can be found by "[retracted]".
    • There is a "[retracted]" injection (exploit is part of MSF).
    • Recovered credentials (username + hash) can be cracked by John and rockyou.txt wordlist.
    • Low priv shell can be gained through MSF exploit or trying the credentials against "[retracted]".
    • Priv. esc. is simply done by "[retracted]".

It works better in VirtualBox than VMware. - .OVA = VirtualBox file - .ZIP = Hyper-V VM (v5)

  • Filename: HF2019-Linux.ova
  • File size: 569 MB
  • MD5: 98C0A9C41F779207689379D1E2E301E8
  • SHA1: 1D1547763D3183C8049CC3ADAC9A189A6C90965E

  • Filename: HF2019-Linux.zip
  • File size: 471 MB
  • MD5: F8425050FFB60B5F307941C32B2C075A
  • SHA1: D201EBD48079B676EE498E348A9A2F989B8E0D61

  • Format: Virtual Machine (Virtualbox - OVA)
  • Operating System: Linux

  • DHCP service: Enabled
  • IP address: Automatically assign